<?php

require('../db/database.php');

class profile {

    public function all() {
        global $db;
        $sql = "Select * FROM bf_profile";
        $query = $db->query($sql);
        while ($res = $db->fetch_array($query)) {
            echo $res['Username'] . ": " . $res['Password'] . "<br/>";
        }
    }

    public function search_by_id($id) {
        global $db;
        $sql = "Select * FROM profiles where id = {$id} Limit 0,1";
        $query = $db->query($sql);
        $num_queries = @$db->num_rows($query);
        if ($num_queries == 0) {
            echo "Oops!Sorry, the person you are looking is not here!";
        } else {
            $res = $db->fetch_array($query);
            echo "Name: {$res['Name']}";
            echo "<br/>";
            echo "Address: {$res['Address']}";
        }
    }

//    public function search_by_name($name) {
//        global $db;
//        $sql = "Select * FROM profiles where Name Like '%{$name}%' ";
//        $query = $db->query($sql);
//        $num_queries = $db->num_rows($query);
//        echo "{$num_queries} Results";
//        echo "<br/>";
//        echo "<br/>";
//        while ($res = $db->fetch_array($query)) {
//            echo "<a href='profile_service.php?profid={$res['id']}'>{$res['Name']}</a><br/>";
//        }
//    }

//    public function add_new() {
//        global $db;
//        $username = mysql_real_escape_string($_POST['username']);
//        $pass = mysql_real_escape_string($_POST['password']);
//        $name = mysql_real_escape_string($_POST['name']);
//        $address = mysql_real_escape_string($_POST['address']);
//        $sql = $sql = "INSERT INTO `phonebook`.`profiles` (`id`, `Username`, `Password`, `Name`, `Address`)
//				Values ('','{$username}','{$pass}','{$name}','{$address}')";
//        $query = $db->query($sql);
//        if (!$query) {
//            die('Unable to add: ' . mysql_error());
//        } else {
//            echo "New Entry added. <a href='login.php'>Log in</a>.";
//        }
//    }

//    public function login() {
//        global $db;
//        $username = mysql_real_escape_string($_POST['username']);
//        $pass = mysql_real_escape_string($_POST['password']);
//        $sql = "Select * from profiles where Username = '{$username}' AND Password = '{$pass}'";
//        $query = $db->query($sql);
//        $num_user = $db->num_rows($query);
//        if ($num_user == 1) {
//            session_start();
//            $_SESSION['user'] = $username;
//            $_SESSION['status'] = 'True';
//            header('Location: index.php');
//        } else {
//            echo "Wrong password or user may not exist!!";
//        }
//    }

}

$profile = new profile();


?>